Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:0 a.m.9 views

CVE-2023-46729

sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has bee...

9.3CVSS6.9AI score0.00631EPSS
Exploits0
Circl
Circl
added 2024/08/16 8:45 a.m.9 views

CVE-2023-46729

creationtimestamp| type| source ---|---|--- 2024-08-16 08:45:56+00:00| published-proof-of-concept| https://t.me/Rootsec2/1741...

9.3CVSS7.1AI score0.00631EPSS
Exploits0References1
CVE
CVE
added 2023/11/10 12:57 a.m.77 views

CVE-2023-46729

CVE-2023-46729 affects the Sentry JavaScript SDK for Next.js tunneling. An unsanitized input in the Next.js SDK tunnel endpoint allows making HTTP requests to arbitrary URLs and reflecting the response back to the user, exposing potential SSRF risks. This issue is limited to users who have the Ne...

9.3CVSS7.8AI score0.00631EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/11/10 12:57 a.m.42 views

CVE-2023-46729 Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint

sentry-javascript provides Sentry SDKs for JavaScript. An unsanitized input of Next.js SDK tunnel endpoint allows sending HTTP requests to arbitrary URLs and reflecting the response back to the user. This issue only affects users who have Next.js SDK tunneling feature enabled. The problem has bee...

9.3CVSS9.5AI score0.00631EPSS
Exploits0References3
Rows per page
Query Builder